There is no definite answer as each plugin, whether available in a repo or not, should be handled on its own merit. Also, who says that that plugin caused your site to get hacked, it might have being a loophole in another plugin or even your theme.
Just in general, one should avoid using plugins and themes that are not actively being maintained as it does have an increased security vulnerability